Justin Conover schrieb:
On 8/8/05, Jason L Tibbitts III <tibbs@xxxxxxxxxxx> wrote:
"JC" == Justin Conover <justin.conover@xxxxxxxxx> writes:
JC> Is it stupid when someone is trying to get on your box, leaves the
JC> ip and has a website on that ip ;-)
Yes, but most of these hosts have been hacked and are just running
automated tools to find other hackable boxes.
To protect yourself, install denyhosts from extras, tune it to your
environment and enjoy the satisfaction of having these be blocked
automatically.
I hope to have an updated version of denyhosts checked into extras
soon.
- J<
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
http://www.redhat.com/mailman/listinfo/fedora-test-list
Very nice
the easiest would be, telling iptables not allowing connection to port
22 for given hosts - known as stealthing ports ;-)
Since i do that, i have no longer 100s of entries in my logs. The
firewall automatically drops all ssh-connection-tries not coming from
this ip.
iptables -I RH-Firewall-1-INPUT 10 -p tcp -s 192.168.0.10 --dport 22 -j
ACCEPT
e.g. this would allow ssh-access from 192.168.0.10 to this machine only.
all others would get "no route to host". since this, i have no more
brute-force-attacks against ssh on my server.
would be nice, having this in system-config-securitylevel ;-)
Roger
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
http://www.redhat.com/mailman/listinfo/fedora-test-list